#!/bin/sh
#
# snortd         Start/Stop the snort IDS daemon.
#
# chkconfig: 2345 40 60
# description:  snort is a lightweight network intrusion detection tool that
#               currently detects more than 1100 host and network
#               vulnerabilities, portscans, backdoors, and more.
#
# June 10, 2000 -- Dave Wreski <dave@linuxsecurity.com>
#   - initial version
#
# July 08, 2000 Dave Wreski <dave@guardiandigital.com>
#   - added snort user/group
#   - support for 1.6.2

# Source function library.
. /etc/rc.d/init.d/functions

# Specify your network interface here
INTERFACE=eth1

# See how we were called.
case "$1" in
  start)
        echo -n "Starting snort: "
        ifconfig eth1 up
	daemon /usr/local/bin/snort -U -o -i $INTERFACE -d -D \
                -c /etc/snort/snort.conf
        touch /var/lock/subsys/snort
        sleep 3
	rm /var/log/snort/alert
	echo
        ;;
  stop)
        echo -n "Stopping snort: "
        killproc snort
        rm -f /var/lock/subsys/snort
        echo
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  status)
        status snort
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
esac

exit 0